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1.Exhibit. 


R1 R3 
Priority: O Priority: 128- 
RID: 10.10.10.1 RID: 10.10.10.3 
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ty! Ep 
R2 R4 
Priority: 100 Priority: 128 
RID: 10.10.10.2 RID: 10.10.10.4 
Oa 
Which router will become the osPF BDR if all routers are powered on at the same 
time? es 
S 

A. R4 nO 
B. R1 P 
C. R3 $ 
D. R2 $ 
Answer: A «% 
Explanation: 


OSPF DR/BDR election is a process that occurs on multi-access data links. It is 
intended to select two OSPF nodes: one to be acting as the Designated Router (DR), 
and another to be acting as the Backup Designated Router (BDR). The DR and BDR 
are responsible for generating network LSAs for the multi-access network and 
synchronizing the LSDB with other routers on the same network1. 

The DR/BDR election is based on two criteria: the OSPF priority and the router ID. 
The OSPF priority is a value between 0 and 255 that can be configured on each 
interface participating in OSPF. The default priority is 1. A priority of 0 means that the 
router will not participate in the election and will never become a DR or BDR. The 


router with the highest prioritv will become the DR, and the router with the second 
highest priority will become the BDR. If there is a tie in priority, then the router ID is 
used as a tie-breaker. The router ID is a 32-bit number that uniquely identifies each 
router in an OSPF domain. It can be manually configured or automatically derived 
from the highest IP address on a loopback interface or any active interface2. 

In this scenario, all routers have the same priority of 1, so the router ID will determine 
the outcome of the election. The router IDs are shown in the exhibit as RID values. 
The highest RID belongs to R4 (10.10.10.4), so R4 will become the DR. The second 
highest RID belongs to R3 (10.10.10.3), so R3 will become the BDR. 

Reference: 

1: OSPF DR/BDR Election: Process, Configuration, and Tuning 

2: OSPF Designated Router (DR) and Backup Designated Router (BDR) 
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= user6switchf run show interfaces terse 

Interface Admin Link Proto Remote 

ge-0/0/0 up 

gr-0/0/0 up 

pfe-0/0/0 up 

ge-0/0/1 

ge-0/0/1.0 Í .23.11.10/24 
-10/24 

ge-0/0/2 

ge-0/0/2.0 up 2 ~ f . 100/24 

ge-0/0/3 

ge-0/0/3.0 ME 1K 172. A -100/2¢4 


bmeO 
bme0.0 


What is the management IP address of the device shown in the exhibit? 
A. 10.210.20.233 
B. 172.23.12.100 


C. 128.0.0.1 

D. 172.23.11.10 

Answer: A 

Explanation: 

In the image, we see the output of the interface status of a network device, which is 

typically used for management and configuration purposes. Typically, the 

management interface is configured on a separate, more reliable network to allow 

network administrators to securely access the device without interference from 

regular data network traffic. 

In the displayed list of interfaces, the me0 or me0.0 interface is a common indication 

of a management interface, as "me" often stands for "management ethernet." 

According to the information shown, the me0.0 interface has the IP address 

10.210.20.233/29, indicating it is likelv the management IP address of ne device. 
kol 


3.Which three protocols support BFD2 (Choose three.) Q' 
A. RSTP Ħal 
B. BGP Á 

C. OSPF V 
D. LACP we 
F. FIP V 
Answer: BCD e' 
Explanation: N 

BFD is a protocol that can be used to kly detect failures in the forwarding path 
between two adjacent routers or swįtèhes. BFD can be integrated with various routing 
protocols and link aggregation prgticols to provide faster convergence and fault 
recovery. < = 

According to the Juniper Networks documentation, the following protocols support 
BFD on Junos OS devices1: 

BGP: BFD can be used to monitor the connectivity between BGP peers and trigger a 
session reset if a tajjtire is detected. BFD can be configured for both internal and 
external BGP sessions, as well as for IPv4 and IPv6 address families2. 

OSPF: BFD caħ be used to monitor the connectivitv between OSPF neighbors and 
trigger a state change if a failure is detected. BFD can be configured for both OSPFv2 
and OSPFv3 protocols, as well as for point-to-point and broadcast network tvpes3. 
LACP: BFD can be used to monitor the connectivity between LACP members and 
trigger a link state change if a failure is detected. BFD can be configured for both 
active and passive LACP modes, as well as for static and dynamic LAGs4. 

Other protocols that support BFD on Junos OS devices are: IS-IS: BFD can be used 
to monitor the connectivity between IS-IS neighbors and trigger a state change if a 
failure is detected. BFD can be configured for both level 1 and level 2 IS-IS 
adjacencies, as well as for point-to-point and broadcast network types. 

RIP: BFD can be used to monitor the connectivity between RIP neighbors and trigger 


a route update if a failure is detected. BFD can be configured for both RIP version 1 
and version 2 protocols, as well as for IPv4 and IPv6 address families. 

VRRP: BFD can be used to monitor the connectivity between VRRP routers and 
trigger a priority change if a failure is detected. BFD can be configured for both VRRP 
version 2 and version 3 protocols, as well as for IPv4 and IPv6 address families. 
The protocols that do not support BFD on Junos OS devices are: 

RSTP: RSTP is a spanning tree protocol that provides loop prevention and rapid 
convergence in layer 2 networks. RSTP does not use BFD to detect link failures, but 
relies on its own hello mechanism that sends BPDU packets every 2 seconds by 
default. 

FTP: FTP is an application layer protocol that is used to transfer files between hosts 
over a TCP 

connection. FTP does not use BFD to detect connection failures, but relies on TCP’s 


own Każ 
retransmission and timeout mechanisms. £ 
Explanation: g 


1: [Configuring Bidirectional Forwarding Detection] 2: [Co figuring Bidirectional 
Forwarding Detection for BGP] 3: [Configuring Bidirectiona Forwarding Detection for 
OSPF] 4: [Configuring Bidirectional Forwarding Detegtion for Link Aggregation Control 
Protocol] : [Configuring Bidirectional Forwarding Deféction for IS-IS] : [Configuring 
Bidirectional Forwarding Detection for RIP] : [Coffiguring Bidirectional Forwarding 
Detection for VRRP] : [Understanding Rapid, Spanning Tree Protocol] : 
[Understanding FTP] É 
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user@PE-1> show route table ISPl.inet.0 
user@PE-1i> configure 


(edit) ' 
user@PE-1@ show routing-instances | 


— onn FT ge-orore 
ISPI { | iner.o let (IE ISPl.inet.0 ] 
instance-tvpe forwarding; a cE Fr ee L -—— 


routing-options ( PE-1 
static ( 


T 
route 0.0.0.0/0 next-hop 203.0.113.2; 


instance-import ISPl-import; . 


The ispi _ inet. 0 route table has currently no routes in it. 

What will happen when you commit the configuration shown on the exhibit? 

A. The inet. 0 route table will be completely overwritten by the ispi . inet. O route table. 
B. The inet. O route table will be imported into the ispi . inet. O route table. 

C. The ISPI . inet. O route table will be completely overwritten by the inet. o route 
table. 

D. The ISPI . inet. O route table will be imported into the inet. O route table. 

Answer: B 

Explanation: 

The configuration shown in the exhibit is an example of a routing instance of type 
virtual-router. A routing instance is a collection of routing tables, interfaces, and 
routing protocol parameters that create a separate routing domain on aJuniper 
device. A virtual-router routing instance allows administrators to divide a device into 
multiple independent virtual routers, each with its own routing tabtE2. 

The configuration also includes a rib-group statement, which i Used to import routes 
from one routing table to another. A rib-group consists of ay port-rib statement, 
which specifies the source routing table, and an export-rijo statement, which specifies 
the destination routing table. X 

In this case, the rib-group name is inet-to-ispi, andthe import-rib statement specifies 
inet.O as the source routing table. The export-ripStatement specifies ispi.inet.0 as the 
destination routing table. e' 

This means that the routes from inet.0 wilkbe imported into ispi.inet.O. 

Therefore, the correct answer is B. Thajħiet.0 route table will be imported into the 
ispi.inet.0 route table. 


Reference: S 
1: Routing Instances Overview.” Virtual Routing Instances : [rib-group (Routing 
Options)] $ 
9 
a 
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5.Which statementgd correct about graceful Routing Engine switchover (GRES)? 

A. The PFE restgits and the kernel and interface information is lost. 

B. GRES has Phelper mode and a restarting mode. 

C. When combined with NSR, routing is preserved and the new master RE does not 
restart rpd. 

D. With no other high availability features enabled, routing is preserved and the new 
master RE does not restart rpd. 

Answer: C 

Explanation: 

The Graceful Routing Engine Switchover (GRES) feature in Junos OS enables a 
router with redundant Routing Engines to continue forwarding packets, even if one 
Routing Engine fails1. GRES preserves interface and kernel information, ensuring 
that traffic is not interruptedi. However, GRES does not preserve the control plane. 


To preserve routing during a switchover, GRES must be combined with either 
Graceful Restart protocol extensions or Nonstop Active Routing (NSR)1. When GRES 
is combined with NSR, nearly 75 percent of line rate worth of traffic per Packet 
Forwarding Engine remains uninterrupted during GRES1. Any updates to the primary 
Routing Engine are replicated to the backup Routing Engine as soon as they occur. 
Therefore, when GRES is combined with NSR, routing is preserved and the new 
master RE does not restart rpd1. 


6.Which statement is correct about controlling the routes installed by a RIB group? 
A. An import policy is applied to the RIB group. 
B. Only routes in the last table are installed. 
C. A firewall filter must be configured to install routes in the RIB groups 
S 


D. An export policy is applied to the RIB group. Ka 
Answer: A P-a 

] « 
Explanation: 


A RIB group is a configuration that allows a routing protogp|4 install routes into 
multiple routing tables in Junos OS. A RIB group consists of an import-rib statement, 
which specifies the source routing table, and an expogħrib statement, which specifies 
the destination routing table or group. A RIB groupdàn also include an import-policv 
statement, which specifies one or more policie control which routes are imported 
into the destination routing table or groupli. ef 

An import policy is a policy statement thaj-defines the criteria for accepting or 
rejecting routes from the source routingsfable. An import policy can also modify the 
attributes of the imported routes, sugħ as preference, metric, or communitv. An import 
policv can be applied to a RIB grgub bv using the import-policv statement under the 
[edit routing-options rib-groups}hlerarchy level. 

Therefore, option A is corregf because an import policy is applied to the RIB group to 
control which routes are jħistalled in the destination routing table or group. Option B is 
incorrect, because all roltes in the source routing table are imported into the 
destination routing table or group, unless filtered by an import policy. Option C is 
incorrect, becaugé a firewall filter is not used to install routes in the RIB groups; a 
firewall filter is Used to filter packets based on various criteria. Option D is incorrect, 
because an export policy is not applied to the RIB group; an export policy is applied to 
a routing protocol to control which routes are advertised to other devices. 

Reference: 1: rib-groups | Junos OS | Juniper Networks 
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172.22.101.0/24 172.22.106.0/30 172.22.111.0/24 
ge-0/0/1.0 L) ge-0/0/5.0 2 ge-0/0/6.0 
Denver Office Dallas Office 


Denver Office Subnet | Subnet Dallas Office 
Switch | Switch 


ka 
You are using OSPF to advertise the subnets that are used by Denver and Dallas 
offices. The routers that are directly connected to the Dallas end Denver subnets are 
not advertising the connected subnets. Wa 

Referring to the exhibit, which two statements are corre? (Choose two.) 

A. Create static routes on the switches using the i router's loopback interface 
for the next hop. Pal 

B. Configure and applv a routing policv that re, tributes the Dallas and Denver 
subnets using Tvpe 5 LSAs. Kat 

C. Configure and applv a routing policv ya redistributes the connected Dallas and 
Denver subnets. S 

D. Enable the passive option on tagħOSPF interfaces that are connected to the Dallas 
and Denver subnets. V 

Answer: BC Ku 

Explanation: > 

The image shows a network topology of the Denver and Dallas office networks, 
including two routers and R2 and their respective connected subnets. The 
description in the image indicates that the routers directly connected to the Dallas and 
Denver subnetgare not advertising these subnets. This typically means we need to 
configure OSPF to ensure these subnets can be learned by other routers. 

The two correct statements are: 

Configure and apply a routing policy that redistributes the Dallas and Denver subnets 
using Type 5 LSAs. 

This means you need to create a policy to reintroduce these directly connected 
subnets into OSPF as external routes. Type 5 LSAs are used to advertise routes from 
non-OSPF networks. 

Configure and apply a routing policy to redistribute the connected Dallas and Denver 
subnets. 

This action will directly incorporate these subnets into the OSPF process, ensuring 


thev are learned bv other OSPF routers. 
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WU WEEE 
usexr@Ri> show route receive-protocol bgp 10.36.1.4 MA 
4 


inet.0: 33 destinations, 57 routes (33 active, 0 holddown, 0 hidden) 
Nexthop Lcilpref AS path 

14 bi -100.8/32 d fa b 65401 65520 I 
:100.9/32 . $13 65401 65521 I 
s189.0/30 3 sal. 65401 65521 I 
-1.0/30 4 Li d 65401 IT 
-2.0/30 4 is 65401 I 
.12.0/30 0.36.1.4 65401 I 
-100.2/32 10. b fue 65401 I 


a 

You want to verify prefix information being sent from 10.36.1.4. 

Which two statements are cogèct about the output shown in the exhibit? (Choose 
two.) 9 

A. The routes displavedfiàve traversed one or more autonomous svstems. 

B. The output showssoutes that were received prior to the application of any BGP 
import policies. IS 

C. The output sffows routes that are active and rejected by an import policy. 

D. The routes displayed are being learned from an | BGP peer. 

Answer: AB 

Explanation: 

The output shown in the exhibit is the result of the command “show ip bgp neighbor 
10.36.1.4 received-routes', which displays all received routes (both accepted and 
rejected) from the specified neighbor. 

Option A is correct, because the routes displayed have traversed one or more 
autonomous systems. This can be seen from the AS_PATH attribute, which shows 
the sequence of AS numbers that the route has passed through. For example, the 
route 10.0.0.0/8 has an AS PATH of 65001 65002, which means that it has traversed 


AS 65001 and AS 65002 before reaching the local router. 
Option B is correct, because the output shows routes that were received prior to the 
application of anv BGP import policies. This can be seen from the fact that some 
routes have a status code of 'r', which means that thev are rejected bv an import 
policv. The 'received-routes' kevword shows the routes coming from a given 
neighbor before the inbound policv has been applied. To see the routes after the 
inbound policv has been applied, the 'routes' kevword should be used instead. 
Option C is incorrect, because the output does not show routes that are active and 
rejected by an import policy. The status code of 'r' means that the route is rejected 
by an import policy, but it does not mean that it is active. The status code of “>” 
means that the route is active and selected as the best path. None of the routes in the 
output have both “>” and 'r' status codes. 
Option D is incorrect, because the routes displayed are not being learned from an 
IBGP peer. An IBGP peer is a BGP neighbor that belongs to the sapè AS as the local 
router. The output shows that the neighbor 10.36.1.4 has a remo AS of 65001, 
which is different from the local AS of 65002. Therefore, the ngighbor is an EBGP 
peer, not an IBGP peer. g 
eo 

X 
9.What is the default keepalive time for BGP?  „g® 
A. 10 seconds V 
B. 60 seconds e' 
C. 30 seconds N 
D. 90 seconds o 
Answer: B = 
Explanation: AS 
The default keepalive time for BGP is 60 secondsi. The keepalive time is the interval 
at which BGP sends keepalivċ messages to maintain the connection with its peert. If 
the keepalive message igmot received within the hold time, the connection is 
considered lost1. By default, the hold time is three times the keepalive time, which is 
180 secondsi. > 
Cà 
10.Which two statements are correct about tunnels? (Choose two.) 
A. BFD cannot be used to monitor tunnels. 
B. Tunnel endpoints must have a valid route to the remote tunnel endpoint. 
C. IP-IP tunnels are stateful. 
D. Tunnels add additional overhead to packet size. 
Answer: BD 
Explanation: 
A tunnel is a connection between two computer networks, in which data is sent from 
one network to another through an encrypted link. Tunnels are commonly used to 
secure data communications between two networks or to connect two networks that 


use different protocols. 

Option B is correct, because tunnel endpoints must have a valid route to the remote 
tunnel endpoint. A tunnel endpoint is the device that initiates or terminates a tunnel 
connection. For a tunnel to be established, both endpoints must be able to reach each 
other over the underlying network. This means that they must have a valid route to 
the IP address of the remote endpointi. 

Option D is correct, because tunnels add additional overhead to packet size. Tunnels 
work by encapsulating packets: wrapping packets inside of other packets. This means 
that the original packet becomes the payload of the surrounding packet, and the 
surrounding packet has its own header and trailer. The header and trailer of the 
surrounding packet add extra bytes to the packet size, which is called overhead. 
Overhead can reduce the efficiency and performance of a network, as it consumes 
more bandwidth and processing power2. < 

Option A is incorrect, because BFD can be used to monitor tunnels BED isa protocol 
that can be used to quickiv detect failures in the forwarding path k6tween two 
adjacent routers or switches. BFD can be integrated with varig8$ routing protocols 
and link aggregation protocols to provide faster convergengg'and fault recoverv. BFD 
can also be used to monitor the connectivitv of tunnels, stich as GRE, IPsec, or 
MPLS. X 

Option C is incorrect, because IP-IP tunnels are stafċless. IP-IP tunnels are a tvpe of 
tunnels that use IP as both the encapsulating ant? encapsulated protocol. IP-IP 
tunnels are simple and easy to configure, butdħev do not provide anv securitv or 
authentication features. IP-IP tunnels are,stateless, which means that they do not 
keep track of the state or status of the tufinel connection. Stateless tunnels do not 
require any signaling or negotiation between the endpoints, but they also do not 
provide any error detection or recavery mechanisms. 

Reference: 1: What is Tunneling? | Tunneling in Networking 2: What Is Tunnel In 
Networking, Its Types, And 4f 

Benefits? : [Configuring Bidirectional Forwarding Detection] : [IP-IP Tunneling] 


$ 

N 
11.Which statement is correct about IP-IP tunnels? 
A. IP-IP tunnel® only support encapsulating IP traffic. 
B. IP-IP tunnels only support encapsulating non-IP traffic. 
C. The TTL in the inner packet is decremented during transit to the tunnel endpoint. 
D. There are 24 bytes of overhead with IP-IP encapsulation. 
Answer: A 
Explanation: 
IP-IP tunnels are a type of tunnels that use IP as both the encapsulating and 
encapsulated protocol. IP-IP tunnels are simple and easy to configure, but they do not 
provide any security or authentication features. IP-IP tunnels only support 
encapsulating IP traffic, which means that the payload of the inner packet must be an 
IP packet. IP-IP tunnels cannot encapsulate non-IP traffic, such as Ethernet frames or 


MPLS labels1. 

Option A is correct, because IP-IP tunnels only support encapsulating IP traffic. 
Option B is incorrect, 

because IP-IP tunnels only support encapsulating non-IP traffic. Option C is incorrect, 
because the 

TTL in the inner packet is not decremented during transit to the tunnel endpoint. The 
TTL in the outer 

packet is decremented by each router along the path, but the TTL in the inner packet 
is preserved 

until it reaches the tunnel endpoint2. Option D is incorrect, because there are 20 
bytes of overhead 

with IP-IP encapsulation. The overhead consists of the header of the outer packet, 


which has a fixed IEX 
size of 20 bytes for IPv43. X 
Reference: L 
1: IP-IP Tunneling 2: What is tunneling? | Tunneling in networKtig 3: IPv4 - Header 
47 
$ 


O 
12.You are configuring an IS-IS IGP network and do pet see the IS-IS adjacencies 
established. In this scenario, what are two reasongdor this problem? (Choose two.) 


A. MTU is not at least 1492 bytes. FS 
B. IP subnets are not a /30 address. e' 


C. The Level 2 routers have mismatched areas. 

D. Thelo0 interface is not included asa? IS-IS interface. 

Answer: AD > 

Explanation: AS 

Option A suggests that the MT ts not at least 1492 bytes. This is correct because IS- 
IS requires a minimum MT 1492 bytes to establish adjacencies1. If the MTU is 
less than this, IS-IS adjagencies will not be established1. 

Option D suggests th the lo0 interface is not included as an IS-IS interface. This is 
also correct because he loopback interface (lo0) is typically used as the router ID in 
IS-IS1. If the loopback interface is not included in IS-IS, it could prevent IS-IS 
adjacencies from being established1. Therefore, options A and D are correct. 


13. You are asked to create a new firewall filter to evaluate Layer 3 traffic that is being 
sent between VLANs. In this scenario, which two statements are correct? (Choose 
two.) 

A. You should create a family Ethernet-switching firewall filter with the appropriate 
match criteria and actions. 

B. You should apply the firewall filter to the appropriate VLAN. 

C. You should create a family inet firewall filter with the appropriate match criteria and 
actions. 


D. Vou should applv the firewall filter to the appropriate IRB interface. 

Answer: CD 

Explanation: 

A firewall filter is a configuration that defines the rules that determine whether to 

forward or discard packets at specific processing points in the packet flow. A firewall 

filter can also modifv the attributes of the packets, such as prioritv, marking, or 

logging. A firewall filter can be applied to various interfaces, protocols, or routing 

instances on a Juniper devicel. 

A firewall filter has a family attribute, which specifies the type of traffic that the filter 

can evaluate. The familv attribute can be one of the following: inet, inet6, mpls, vpls, 

iso, or ethernet-switching2. The familv inet firewall filter is used to evaluate IPv4 

traffic, which is the most common tvpe of Laver 3 traffic on a network. 

To create a familv inet firewall filter, vou need to specifv the appropriate match criteria 
ad 20, 

and actions for each term in the filter. The match criteria can includeWarious fields in 

the IPv4 header, such as source address, destination address, pidtocol, port number, 

or DSCP value. The actions can include accept, discard, rejegR count, log, policer, or 

next term3. 4? 

To apply a firewall filter to Layer 3 traffic that is being sgg between VLANs, you need 

to apply the filter to the appropriate IRB interface. AnJAB interface is an integrated 

routing and bridging interface that provides Laver functionality fora VLAN ona 

Juniper device. An IRB interface has an IP ad régs that acts as the default gateway 

for the hosts in the VLAN. An IRB interface also participate in routing protocols 

and forward packets to other VLANs or networksd. 

Therefore, option C is correct, becausawbu should create a family inet firewall filter 

with the appropriate match criteria anè actions. Option D is correct, because you 

should apply the firewall filter to tine’ appropriate IRB interface. 

Option A is incorrect, because ðU should not create a family ethernet-switching 

firewall filter with the appropsfate match criteria and actions. A family ethernet- 

switching firewall filter isgġsed to evaluate Layer 2 traffic on a Juniper device. A family 

ethernet-switching firwàli filter can only match on MAC addresses or VLAN IDs, not 

on IP addresses or,protocols5. 

Option B is incogect, because you should not apply the firewall filter to the 

appropriate VURN. A VLAN is a logical grouping of hosts that share the same 

broadcast domain on a Layer 2 network. A VLAN does not have an IP address or 

routing capability. A firewall filter cannot be applied directly to a VLAN; it must be 

applied to an interface that belongs to or connects to the VLAN6. 

Reference: 1: Firewall Filters Overview 2: Configuring Firewall Filters 3: Configuring 

Firewall Filter Match 

Conditions and Actions 4: Understanding Integrated Routing and Bridging Interfaces 

5: Configuring 

Ethernet-Switching Firewall Filters 6: Understanding VLANs 
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userGhost# show 
protocols { 
oam { 
gre-tunnel ( 
interface qr-1/1/10. 
keepalive-time 


hold-time 


Q 
You have configured a GRE tunnel. To rgðuce the risk of dropping traffic, you have 
configured a keepalive OAM probe toyRonitor the state of the tunnel; however, traffic 
drops are still occurring. Oa 
Referring to the exhibit, what is KA problem? 
A. For GRE tunnels, the OAM $rotoco! requires that the BFD protocols also be used. 
B. The "event link- adjacenef'loss' option must be set. 
C. LLDP needs to be refoved from the gr-1/1/10.1 interface. 
D. The hold-time valy must be two times the keepalive-time value 
Answer: D $ 
Explanation: oe 
A keepalive OAM probe is a mechanism that can be used to monitor the state of a 
GRE tunnel and detect any failures in the tunnel path. A keepalive OAM probe 
consists of sending periodic packets from one end of the tunnel to the other and 
expecting a reply. If no reply is received within a specified time, the tunnel is 
considered down and the line protocol of the tunnel interface is changed to down1. 
To configure a keepalive OAM probe for a GRE tunnel, you need to specify two 
parameters: the keepalive-time and the hold-time. The keepalive-time is the interval 
between each keepalive packet sent by the local router. The hold-time is the 
maximum time that the local router waits for a reply from the remote router before 
declaring the tunnel down2. 


According to the Juniper Networks documentation, the hold-time value must be two 
times the keepalive-time value for a GRE tunnel2. This is because the hold-time value 
must account for both the round-trip time of the keepalive packet and the processing 
time of the remote router. If the hold-time value is too small, it may cause false 
positives and unnecessarv tunnel flaps. 
In the exhibit, the configuration shows that the keepalive-time is set to 10 seconds 
and the hold-time 
is set to 15 seconds for the gr-1/1/10.1 interface. This means that the local router will 
send a keepalive packet every 10 seconds and will wait for 15 seconds for a reply 
from the remote router. However, this hold-time value is not two times the keepalive- 
time value, which violates the recommended configuration. This may cause traffic 
drops if the remote router takes longer than 15 seconds to reply. 
Therefore, option D is correct, because the hold-time value must be twe times the 
keepalive-time value for a GRE tunnel. Option A is incorrect, becaugé BFD is not 
required for GRE tunnels; BFD is another protocol that can be used to monitor 
tunnels, but it is not compatible with GRE keepalives3. Optio Bis incorrect, because 
the “event link-adjacencv-loss' option is not related to GREsdMeLs itis an option 
that can be used to trigger an action when a link goes dgwn4. Option C is incorrect, 
because LLDP does not need to be removed from thesgr- 1/1/10.1 interface; LLDP is a 
protocol that can be used to discover neighboring | devices and their capabilities, but it 
does not interfere with GRE tunnels5. S 
Reference: e' 
1: Configuring Keepalive Time and Hold id for a GRE Tunnel Interface 2: keepalive 
| Junos OS | 
Juniper Networks 3: Configuring Bigicona Forwarding Detection 4: event link- 
adjacency-loss | 
Junos OS | Juniper Networks Cretan Link Layer Discovery Protocol 
Kul 
3° 
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PS EEA reteset || Hf i 

Export: [ IPCLOS_BGP EXP] J Import: [ IPCLOS_BGP IMP ) 

Options: <Preference j 3| Multipath LocalAS  Refresh> 

Options: <VpnApplyExport) MbuDistoverv MultipathAs BfdEnabled> 

Holdtime: 90 Preference: irdi Local AS: 65400 Local System AS: 0 

Number of flaps: 0 

Peer ID: 10.52.100.2 Local ID: 10.52.100.1 Active Holdtime: 90 

Keepalive Intervai: 30 Group, index: 0 Peer index: 0 SNMP 
index: 0 

I/O Session Thread: bgpic-0 State: Enabled 

BED: enabled, up 


sija 


! Peer Bees not PELL ELEY, jitarien 
Restart flag received. from. TAMIL cee 
that restart is negotiated for: inet-unicast 
-of received end-of-rib markers: inet-unicast 
of all end-of-rib markers sent: inet-unicast: 
Peer does not: support: LLGR Restarter functionality 
Peer supports 4 byte AS! extension (peer-as 65401) 
Peer does not support Addpath | 
Table inet.O Bit: 20000 
RIB State: BGP restart is complete 
Send state: in sync 
Active prefixes: 
Received prefixes: 
Accepted prefixes: 
Suppressed due to damping: 


Advertised prefixes: 2 
Last traffic (seconds): Received 22 Sent 10 Checked 69617 
Input messages: Total 2568 Updates 4 Refreshes 0 Octets 48991 
Output messages: Total 2572 Updates 8 Refresnes 0 Octets 49362 
Output Queue(i): 0 (inet.0, inet-unicast) 
Ca 


You are a network operator troubleshooting BGP connectivity. 

Which two statements are correct about the output shown in the exhibit? (Choose 
two.) 

A. Peer 10.32.1.2 is configured for AS 63645. 

B. The BGP session is not established. 

C. The RI is configured for AS 65400. 

D. The routers are exchanging IPv4 routes. 

Answer: CD 

Explanation: 

Based on the output shown in the exhibit, the correct two statements are: 


RI is configured for AS 65400. 

In the exhibit output, "Local: 10.32.1.1+1179 AS 65400" indicates that the local router 
(R1) is part of Autonomous System 65400. 

The routers are exchanging IPv4 routes. 

The term "inet-unicast" in the output indicates that IPv4 unicast routes are being 
exchanged between the BGP peers. 


16.What is the maximum allowable MTU size for a default GRE tunnel without IPv4 
traffic fragmentation? 

A. 1496 bytes 

B. 1480 bytes 


C. 1500 bytes IEX 
D. 1476 bvtes Każ 
Answer: D L 
Explanation: tal 


The maximum allowable MTU size for a default GRE tunn iNiithout IPv4 traffic 
fragmentation is 1476 bytes1. This is because GRE packets are formed by the 
addition of the original packets and the required GREsfeaders1. These headers are 
24-bytes in length and since these headers are added to the original frame, 
depending on the original size of the packet w ay run into IP MTU problems1. The 
most common IP MTU is 1500-bytes in lengie{Ethernet)1. When the tunnel is 
created, it deducts the 24-bytes it needs tg encapsulate the passenger protocols and 
that is the IP MTU it will use1. For exanaple, if we are forming a tunnel over 
FastEthernet (IP MTU 1500) the IOStalculates the IP MTU on the tunnel as: 
1500-bytes from Ethernet - 24-byes for the GRE encapsulation = 1476-Bytes1. 

o 


$ 

S 
17.You are a network o Stor who wants to add a second ISP connection and 
remove the default rote io the existing ISP You decide to deploy the BGP protocol in 
the network. > 
What two statements are correct in this scenario? (Choose two.) 
A. IBGP updat&s the next-hop attribute to ensure reachability within an AS. 
B. IBGP peers advertise routes received from EBGP peers to other IBGP peers. 
C. IBGP peers advertise routes received from IBGP peers to other IBGP peers. 
D. EBGP peers advertise routes received from IBGP peers to other EBGP peers. 
Answer: BC 
Explanation: 
In this scenario where you are a network operator wanting to add a second ISP 
connection and remove the default route to the existing ISP and decide to deploy the 
BGP protocol in the network, the correct two statements are: 
IBGP peers advertise routes received from EBGP peers to other IBGP peers. 
This is correct. Inside an Autonomous System (AS), IBGP peers will advertise routes 


learned from EBGP peers to other IBGP peers to ensure that all routers within the AS 
have information about external destinations. 

IBGP peers advertise routes received from IBGP peers to other IBGP peers. 

This is typically incorrect. Within IBGP, route information is not passed from one IBGP 
peer to another by default, to prevent routing information loops within an AS, unless 
route reflectors are configured or there is a full mesh IBGP setup. 


18.You are troubleshooting a BGP routing issue between your network and a 
customer router and are reviewing the BGP routing policies. 

Which two statements are correct in this scenario? (Choose two.) 

A. Export policies are applied to routes in the RIB-In table. 


B. Import policies are applied to routes in the RIB-Local table. IR 
C. Import policies are applied after the RIB-In table. X 
D. Export policies are applied after the RIB-Local table. R- 
Answer: CD : 
Explanation: ta 


ate 

In BGP, routing policies are used to control the flow of ropiting information between 
BGP peers1. Option C suggests that import policies axe applied after the RIB-In table. 
This is correct because import policies in BGP are applied to routes that are received 
from a BGP peer, before they are installed in thetfocal BGP Routing Information Base 
(RIB-In)1. The RIB-In is a database that storgs all the routes that are received from all 
peers]. N 
Option D suggests that export policies afè applied after the RIB-Local table. This is 
correct because export policies in BGP are applied to routes that are being advertised 
to a BGP peer, after they have b 3h selected from the local BGP Routing Information 
Base (RIB-Local)1. The RIB-L Al is a database that stores all the routes that the 
local router is using1. Thergiére, options C and D are correct. 

^ 
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19.You are asked Sonnet an IP phone and a user computer using the same 
interface on an EX Series switch. The traffic from the computer does not use a VLAN 
tag, whereas tiġ traffic from the IP phone uses a VLAN tag. 

Which feature enables the interface to receive both types of traffic? 

A. native VLAN 

B. DHCP snooping 

C. MAC limiting 

D. voice VLAN 

Answer: D 

Explanation: 

The feature that enables an interface on an EX Series switch to receive both 
untagged traffic (from the computer) and tagged traffic (from the IP phone) is the 
voice VLAN12. 


The voice VLAN feature in EX-series switches enables access ports to accept both 
data (untagged) and voice (tagged) traffic and separate that traffic into different 
VLANs12. This allows the switch to differentiate between voice and data traffic, 
ensuring that voice traffic can be treated with a higher priority12. Therefore, option D 
is correct. 
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